diff options
| author | Martijn Coenen | 2017-07-28 13:56:06 +0200 |
|---|---|---|
| committer | Greg Kroah-Hartman | 2017-08-22 18:43:23 -0700 |
| commit | 5cdcf4c6a638591ec0e98c57404a19e7f9997567 (patch) | |
| tree | 6283d4bca0f2749894552eac2f90502bf43d19e9 | |
| parent | 6f3d791f300618caf82a2be0c27456edd76d5164 (diff) | |
ANDROID: binder: add padding to binder_fd_array_object.
binder_fd_array_object starts with a 4-byte header,
followed by a few fields that are 8 bytes when
ANDROID_BINDER_IPC_32BIT=N.
This can cause alignment issues in a 64-bit kernel
with a 32-bit userspace, as on x86_32 an 8-byte primitive
may be aligned to a 4-byte address. Pad with a __u32
to fix this.
Signed-off-by: Martijn Coenen <maco@android.com>
Cc: stable <stable@vger.kernel.org> # 4.11+
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
| -rw-r--r-- | include/uapi/linux/android/binder.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/include/uapi/linux/android/binder.h b/include/uapi/linux/android/binder.h index 51f891fb1b18..7668b5791c91 100644 --- a/include/uapi/linux/android/binder.h +++ b/include/uapi/linux/android/binder.h @@ -132,6 +132,7 @@ enum { /* struct binder_fd_array_object - object describing an array of fds in a buffer * @hdr: common header structure + * @pad: padding to ensure correct alignment * @num_fds: number of file descriptors in the buffer * @parent: index in offset array to buffer holding the fd array * @parent_offset: start offset of fd array in the buffer @@ -152,6 +153,7 @@ enum { */ struct binder_fd_array_object { struct binder_object_header hdr; + __u32 pad; binder_size_t num_fds; binder_size_t parent; binder_size_t parent_offset; |